PCI Requirement 10.4.1 – Critical Systems Have the Correct and Consistent Time

Author: kirkpatrickprice00

Description: Learn more at https://kirkpatrickprice.com/video/pc...
PCI Requirement 10.4.1 requires that critical systems have the correct and consistent time so that the chronological order of events can be recreated. Without proper and consistent synchronization, it’s almost impossible to compare logs across systems and determine an exact sequence of events. Compliance with PCI Requirement 10.4.1 is crucial during incident response.
There are several testing procedures to verify compliance with PCI Requirement 10.4.1. The PCI DSS states that assessors should observe the process for acquiring, distributing, and storing the correct time within an organization, and observe the time-related system-parameter settings for a sample of system components, to verify that: only the designated central time servers receive time signals from external sources, and time signals from external sources are based on International Atomic Time or UTC; where there is more than one designated time server, the time servers work with one another to keep accurate time; and systems receive time information only from designated central time servers. An assessor will follow these testing procedures and observe time management systems to ensure that critical systems have the correct and consistent time.
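The settings check described above can be scripted over a sample of collected `ntp.conf` or `chrony.conf` files. This is an added example, not material from the video or from KirkpatrickPrice; the hostnames, the designated-server list and the config snippets are constructed for illustration. It inspects configuration only and cannot confirm that an external source is based on International Atomic Time or UTC.

```python
import re

# Assumption: hypothetical designated central time servers for this example.
DESIGNATED = {"ntp1.corp.example", "ntp2.corp.example"}

# ntp.conf and chrony.conf both declare sources as "server|pool|peer <host> [options]".
# Anchoring at line start skips commented-out directives.
SOURCE_RE = re.compile(r"^[ \t]*(server|pool|peer)[ \t]+(\S+)", re.MULTILINE)

def sources(conf_text):
    """Return the set of source hostnames configured in an NTP/chrony config."""
    return {host.lower() for _, host in SOURCE_RE.findall(conf_text)}

def audit(host, conf_text, designated=DESIGNATED):
    """Return findings for one sampled system; an empty list means no issue found."""
    findings = []
    srcs = sources(conf_text)
    if not srcs:
        findings.append("no time source configured")
    if host in designated:
        others = designated - {host}
        # More than one designated server: they must work with one another.
        if others and not (srcs & others):
            findings.append("does not sync with the other designated time server(s)")
    else:
        # Every other system may take time only from the designated servers.
        for src in sorted(srcs - designated):
            findings.append(f"takes time from non-designated source {src}")
    return findings

# Constructed sample of system components and their time configuration.
SAMPLE = {
    "ntp1.corp.example": "server time.example.org iburst\npeer ntp2.corp.example\n",
    "ntp2.corp.example": "pool pool.example.org iburst\n",
    "app01.corp.example": "server ntp1.corp.example iburst\n"
                          "server ntp2.corp.example iburst\n",
    "db01.corp.example": "server ntp1.corp.example\n# server old.example.net\n"
                         "pool 2.pool.example.org iburst\n",
}

def audit_sample(sample):
    """Audit every host in the sample and return {host: findings}."""
    return {host: audit(host, conf) for host, conf in sample.items()}

if __name__ == "__main__":
    for host, findings in audit_sample(SAMPLE).items():
        print(host, "OK" if not findings else "; ".join(findings))
```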